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DETAILED ACTION 

1. A request for continued examination under 37 CFR 1.114, including the fee set forth 
in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
5/01/06 has been entered. 

2. The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior office action. 

Response to Amendment 

3. Claims 1, 6, 16, 22, 26 and 30 have been amended. Applicant arguments are 
directed towards the newly introduced claim limitations. 

These limitations are addressed in this Office Action, below. 

4. Claims 1-20, 22-26 and 30 have been examined. 

Claim Objections 

5. Claims 1-16 are objected to because of the following informalities: claim 1 recites "a 
machine learning component that determines anticipated authentication challenges 
to resource requests from applications based upon run-time learning during previous 
resource requests by application". It is clear from the specification that the newly 
introduced limitations are associated with "cache" (e.g. pg. 13-14). However, the 
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specification does not clearly disclose "a machine learning component" 
implementing caching. 

The claims are not rejected under 35 USC § 112 first paragraph rejection since 
caching is well known and implemented in the art of computing due to the data 
access efficiency. Various types of algorithms are utilized to implement caching. 
For example, some types of algorithms select the most frequently used 
requests/files that reads on the claim language. Of course in order to accomplish 
tasks, including identification of frequently used requests, computers use programs. 
Thus systems implementing such caching inherently comprise a component that 
would read on a machine learning component as recited in the claim language. 
However, since the examiner did not find clear disclosure of the "machine learning 
component" it is not clear whether such interpretation is correct. 

6. Claims 2-16 are objected by virtue of their dependence. 

Claim Rejections - 35 USC §112 

7. Claims 1-20, 22-26 and 30 are rejected under 35 U.S.C. 1 12, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. The term "run-time learning" 
introduced by the amendment in claims 1,16, 22, 26 and 30 is not clear and for 
purposes of further examination the phrase is treated as best understood. 

8. Claims 2-15, 17-19 and 23-25 are rejected by virtue of their dependence. 
Appropriate correction is required. 
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Claim Rejections - 35 USC § 103 

9. Claims 1-5, 13, 16-18 and 30 are rejected under 35 U.S.C. 103(a) as being obvious 
over Wu et ai (U.S, Patent No. 5774551) in view of caching as illustrated by 
Hamilton (Caching, http://www.net.lut.ac. ul</eval/node6. html), Michel (U.S. Pub. No. 
20020133570) and Laferetal. (U.S. Patent No. 6192382). 
As per claims 1,16 and 30 Wu etal. teach employing a component implemented on 
a computer readable medium to accept an authentication challenge and passing a 
first data associated with the authentication challenge to an authentication manager 
(Wu et ai, Fig. 1, col. 9 lines 47-col. 56). Wu et al. teach that the authentication 
manager processes the first data into second data of a first type appropriate for a 
first authentication module, and that the authentication manager processes the first 
data into second data of a second type appropriate for a second authentication 
module, the first and second authentication modules having different requirements 
for the second data and passing at least one of the second data associated with the 
authentication challenge to one or more authentication modules, where the 
authentication modules are registered with the authentication manager, and where 
the authentication modules are operatively connected to the authentication manager 
(Wu etal., col. 9 lines 63-67). The authentication modules are registered with the 
authentication manager (Wu etal., coi 9 lines 52-56) and produce one or more 
responses to the authentication challenge (Wu et al., col. 9 lines 67-coL 10 line 2). 
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10. As per claims 13 and ^8Wuet al, teach that the authentication challenge is 
generated by at least one of a Kerberos authentication system, a digest 
authentication system, a Basic authentication system, an NTLM authentication 
system and a certificate based authentication system (Wu etal., col. 2 lines 1-43) 
and it is a multipart authentication challenge (Wu et al., col. 9 lines 65-67). 

^^,Wu et al. does not teach determining anticipated requests from applications based 
upon run-time learning during previous resource requests by applications. 
However, an old and well-known concept of caching, as illustrated by Hamilton, 
Michel [24]and Lafer et al. (col. 3 lines 56-58), implements anticipating requests 
based upon run-time learning during previous resource requests. 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate determining anticipated requests from applications based 
upon run-time learning during previous resource requests by applications as taught 
by Michel and Lafer et al. given the benefit of increased performance and decreased 
response time to requests. 

12. Claims 6-7, 22-23 and 26 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wu et al. (U.S. Patent No. 5774551) In view of caching as 
illustrated by Hamilton (Caching, http://www.net.lut.acMk/eval/node6.html), Michel 
(U.S. Pub. No. 20020133570) and Lafer etai (U.S. Patent No. 6192382) and further 
in view of Travis et al. (U.S. Patent No. 6269367). 

As per claims 3-5 and 7 and 23 Wu et al. teach multipart authentication generated 
by at least one of a Kerberos authentication system, a digest authentication system. 



Application/Control Number: 09/818,358 Page 6 

Art Unit: 2134 

a Basic authentication system, an NTLM authentication system and a certificate 
based authentication system and producing a set of third data as discussed above 
and teach that the authentication modules employ one or more services (Wu et al., 
col. 21 lines 10-23). 

13. Furthermore, claims 6, 22 and 26 essentially refer to a pre-step of a previously 
discussed authentication, wherein instead of receiving, processing and responding 
to data associated with the communication challenge. The test is conducted and 
wherein test data received by the authentication manager triggers "pre- 
authentication procedures" that are essentially the same as the authentication 
procedures. Although, Wu etal. do not explicitly discuss test procedures, 
conducting tests prior to implementation of a system is old and well-known practice 
as shown by Travis et al. (col. 2 lines 20-41) giving a benefit of addressing and 
avoiding potential problems prior to the system's live implementation. 

14. Claims 8-12, 14-15, 19-20 and 24-25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wu et al. (U.S. Patent No, 5774551) in view of caching as 
illustrated by Hamilton (Caching, http://www.net.lut.ac.uk/eval/node6.html), Michel 
(U.S. Pub. No. 20020133570) and Later etal. (U.S. Patent No. 6192382) and further 
in view of Travis etal. (U.S. Patent No, 6269367) and Object Oriented Programming 
as illustrated by Burroughs et al (U.S. Patent No. 5878411), Kumar et al. (U.S. 
Patent No. 6343287), Microsoft Press (Microsoft Press, "Computer Dictionary, 3"^ 
edition, ISBN: 157231446X, 1997) and New Rider (New Rider, "Windows 98 
Professional Reference " http://cma.zdnet com/book/win98prfref/ch 1 5/ch 1 5. htm). 
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As per claims 8 and 10-1 1 Wu et al/s invention is object-oriented system that uses a 
class factory (Wu etaL, col. 12 lines 4-19, 39-47, col. 13 lines 4-11). However, Wu 
et al. do not explicitly teach instantiating one or more authentication objects based, 
at least in part, on the first data, and authentication objects callable by the 
authentication manager, and a data store that holds information associated with 
selectively instantiating the one or more authentication objects that can be callable 
by the authentication manager. However, these concepts are well known in the art. 
For example, Burroughs et al. disclose fundamentals of Object Oriented 
Programming: 

"A fundamental concept in OOP is the class. A class is a template or prototype that 
defines a type of object. A programmer may define a class by writing a section of 
code known as a class definition. An object is an instance of a class. An object is 
created or instantiated at run-time, i.e., when the computer executes a statement in 
the program calling for the instantiation of an object of a specified class. An object 
may include attributes or data as well as functions or methods. The class definition 
specifies the attributes and methods. The attributes are represented in an object by 
the values of instance variables" (Burroughs et al., col. 5 lines 15-25). 
15. Another example is provided by Kumar etaL who's invention involves 

"a mechanism, method, and computer program product for linking a profile service 
instance to a plurality of external data stores. External data store profile that "is 
created in the profile service that names the connector class. An external data store 
reference object is created in the profile service instance that identifies the external 
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data store profile and a number of parameters that specify particular data desired 
from the external data store. A profile within the profile service instance includes an 
attribute that names the data store reference object. When the attribute is evaluated, 
the data store reference object is instantiated, optionally using parameters specified 
at runtime, and passed as a parameter to an instance of the data store connector 
class identified by the external data store profile" (Kumar et al., col. 5 lines 10-32). 
In light of the above references it would have been obvious to one of ordinary skill in 
the art at the time of applicant's to register objects with the class factory and with the 
data store instantiating one or more authentication objects based, at least in part, on 
the first data, and authentication objects callable by the authentication manager, and 
a data store that holds information associated with selectively instantiating the one 
or more authentication objects callable by the authentication manager. One of 
ordinary skill in art at the time of applicant's invention would have employed such a 
modification to conform with and take a full advantage of object oriented design, as 
well as to ensure that the objects are known and utilized by the system. 
16. As per claims 12 and 25 Wu et ai do not explicitly teach that the applications do not 
have to be receded or recompiled in order to employ the newly registered object" is 
acknowledged. 

However, as illustrated by Microsoft Press (dynamic link library, pg. 166) as well as 
the New Rider's "Windows 98 Professional Reference" reference (New Rider, 
"Understanding HKEY_CLASSES_ROOT" section) disclose application that does 
not have to be receded or recompiled to employ the registered objects were well 
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known in the art and it would have been obvious to one of ordinary skill in the art at 
the time of applicant's invention to incorporate such applications in order to speed up 
the applications' execution. 

17. As per claims 19-20 and 24 \Nu et al. teach that one or more authentication modules 
are "plugged" into and communicate with "pluggable account management" as 
objects fe.gr. passing parameters, Fig, 1 and col. 13 line 53 ooi 14 line 35) and it 
would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to keep updating the authentication solution disclosed by Wu etal. by 
extending available modules including additional authentication schemes modules. 
One of ordinary skill in the art would have been motivated to perform such a 
modification in order to accommodate new authentication protocols. 

18. As per claims 14-15 Wu etal/s distributed authentication includes the computer 
facilitating the authentication, terminal and remote computers (Wu etal. Fig, 1), 

Conclusion 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Peter Poltorak whose telephone number is 
(571) 272-3840. The examiner can normally be reached Monday through Thursday 
from 9:00 a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Jacques Louis Jacques can be reached on (571)272-6962. 
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The fax phone number for the organization where this application or proceeding is 
assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair-direct.uspto.gov. 
Should you have questions on access to the Private PAIR system, contact the 
Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





